Return the enum type for error and status

BUG=b:248508087
TEST=make V=1 BOARD=bloonchipper -j
TEST=make runhosttests
TEST=./util/compare_build.sh -b all => MATCH

Force-Relevant-Builds: all
Change-Id: I0177791509ae37a5d40793e219aedafe1e45430e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4502323
Commit-Queue: Yi Chou <yich@google.com>
Reviewed-by: Tom Hughes <tomhughes@chromium.org>
Tested-by: Yi Chou <yich@google.com>

11 files changed, 102 insertions, 80 deletions

diff --git a/common/fpsensor/fpsensor.cc b/common/fpsensor/fpsensor.cc
index 7af7082420..77b9cd2d03 100644
--- a/common/fpsensor/fpsensor.cc
+++ b/common/fpsensor/fpsensor.cc
@@ -394,8 +394,9 @@ DECLARE_HOST_COMMAND(EC_CMD_FP_INFO, fp_command_info,
 
 BUILD_ASSERT(FP_CONTEXT_NONCE_BYTES == 12);
 
-int validate_fp_buffer_offset(const uint32_t buffer_size, const uint32_t offset,
-			      const uint32_t size)
+enum ec_error_list validate_fp_buffer_offset(const uint32_t buffer_size,
+					     const uint32_t offset,
+					     const uint32_t size)
 {
 	uint32_t bytes_requested;
 
@@ -419,7 +420,7 @@ static enum ec_status fp_command_frame(struct host_cmd_handler_args *args)
 	uint16_t fgr;
 	uint8_t key[SBP_ENC_KEY_LEN];
 	struct ec_fp_template_encryption_metadata *enc_info;
-	int ret;
+	enum ec_error_list ret;
 
 	if (size > args->response_max)
 		return EC_RES_INVALID_PARAM;
@@ -561,7 +562,7 @@ static bool template_needs_validation_value(
 	return enc_info->struct_version == 3 && FP_TEMPLATE_FORMAT_VERSION == 4;
 }
 
-static int
+static enum ec_status
 validate_template_format(struct ec_fp_template_encryption_metadata *enc_info)
 {
 	if (template_needs_validation_value(enc_info))
@@ -585,7 +586,6 @@ static enum ec_status fp_command_template(struct host_cmd_handler_args *args)
 	uint16_t idx = templ_valid;
 	uint8_t key[SBP_ENC_KEY_LEN];
 	struct ec_fp_template_encryption_metadata *enc_info;
-	int ret;
 
 	/* Can we store one more template ? */
 	if (idx >= FP_MAX_FINGER_COUNT)
@@ -594,7 +594,8 @@ static enum ec_status fp_command_template(struct host_cmd_handler_args *args)
 	if (args->params_size !=
 	    size + offsetof(struct ec_params_fp_template, data))
 		return EC_RES_INVALID_PARAM;
-	ret = validate_fp_buffer_offset(sizeof(fp_enc_buffer), offset, size);
+	enum ec_error_list ret =
+		validate_fp_buffer_offset(sizeof(fp_enc_buffer), offset, size);
 	if (ret != EC_SUCCESS)
 		return EC_RES_INVALID_PARAM;
 
@@ -621,8 +622,8 @@ static enum ec_status fp_command_template(struct host_cmd_handler_args *args)
 		 */
 		enc_info = (struct ec_fp_template_encryption_metadata *)
 			fp_enc_buffer;
-		ret = validate_template_format(enc_info);
-		if (ret != EC_RES_SUCCESS) {
+		enum ec_status res = validate_template_format(enc_info);
+		if (res != EC_RES_SUCCESS) {
 			CPRINTS("fgr%d: Template format not supported", idx);
 			return EC_RES_INVALID_PARAM;
 		}
diff --git a/common/fpsensor/fpsensor_crypto.cc b/common/fpsensor/fpsensor_crypto.cc
index 7d950b8974..19efc4d068 100644
--- a/common/fpsensor/fpsensor_crypto.cc
+++ b/common/fpsensor/fpsensor_crypto.cc
@@ -31,9 +31,9 @@ test_mockable void compute_hmac_sha256(uint8_t *output, const uint8_t *key,
 #error "fpsensor requires CONFIG_BORINGSSL_CRYPTO and ROLLBACK_SECRET_SIZE"
 #endif
 
-test_export_static int get_ikm(uint8_t *ikm)
+test_export_static enum ec_error_list get_ikm(uint8_t *ikm)
 {
-	int ret;
+	enum ec_error_list ret;
 
 	if (!fp_tpm_seed_is_set()) {
 		CPRINTS("Seed hasn't been set.");
@@ -76,9 +76,10 @@ static void hkdf_extract(uint8_t *prk, const uint8_t *salt, size_t salt_size,
 	compute_hmac_sha256(prk, salt, salt_size, ikm, ikm_size);
 }
 
-static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size,
-				uint8_t *prk, size_t prk_size, uint8_t *info,
-				size_t info_size)
+static enum ec_error_list hkdf_expand_one_step(uint8_t *out_key,
+					       size_t out_key_size,
+					       uint8_t *prk, size_t prk_size,
+					       uint8_t *info, size_t info_size)
 {
 	uint8_t key_buf[SHA256_DIGEST_SIZE];
 	uint8_t message_buf[SHA256_DIGEST_SIZE + 1];
@@ -105,8 +106,9 @@ static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size,
 	return EC_SUCCESS;
 }
 
-int hkdf_expand(uint8_t *out_key, size_t L, const uint8_t *prk, size_t prk_size,
-		const uint8_t *info, size_t info_size)
+enum ec_error_list hkdf_expand(uint8_t *out_key, size_t L, const uint8_t *prk,
+			       size_t prk_size, const uint8_t *info,
+			       size_t info_size)
 {
 	/*
 	 * "Expand" step of HKDF.
@@ -161,10 +163,11 @@ int hkdf_expand(uint8_t *out_key, size_t L, const uint8_t *prk, size_t prk_size,
 #undef HASH_LEN
 }
 
-int derive_positive_match_secret(uint8_t *output,
-				 const uint8_t *input_positive_match_salt)
+enum ec_error_list
+derive_positive_match_secret(uint8_t *output,
+			     const uint8_t *input_positive_match_salt)
 {
-	int ret;
+	enum ec_error_list ret;
 	uint8_t ikm[CONFIG_ROLLBACK_SECRET_SIZE + sizeof(tpm_seed)];
 	uint8_t prk[SHA256_DIGEST_SIZE];
 	static const char info_prefix[] = "positive_match_secret for user ";
@@ -205,9 +208,9 @@ int derive_positive_match_secret(uint8_t *output,
 	return ret;
 }
 
-int derive_encryption_key(uint8_t *out_key, const uint8_t *salt)
+enum ec_error_list derive_encryption_key(uint8_t *out_key, const uint8_t *salt)
 {
-	int ret;
+	enum ec_error_list ret;
 	uint8_t ikm[CONFIG_ROLLBACK_SECRET_SIZE + sizeof(tpm_seed)];
 	uint8_t prk[SHA256_DIGEST_SIZE];
 
@@ -239,9 +242,11 @@ int derive_encryption_key(uint8_t *out_key, const uint8_t *salt)
 	return ret;
 }
 
-int aes_gcm_encrypt(const uint8_t *key, int key_size, const uint8_t *plaintext,
-		    uint8_t *ciphertext, int text_size, const uint8_t *nonce,
-		    int nonce_size, uint8_t *tag, int tag_size)
+enum ec_error_list aes_gcm_encrypt(const uint8_t *key, int key_size,
+				   const uint8_t *plaintext,
+				   uint8_t *ciphertext, int text_size,
+				   const uint8_t *nonce, int nonce_size,
+				   uint8_t *tag, int tag_size)
 {
 	int res;
 	AES_KEY aes_key;
@@ -271,10 +276,11 @@ int aes_gcm_encrypt(const uint8_t *key, int key_size, const uint8_t *plaintext,
 	return EC_SUCCESS;
 }
 
-int aes_gcm_decrypt(const uint8_t *key, int key_size, uint8_t *plaintext,
-		    const uint8_t *ciphertext, int text_size,
-		    const uint8_t *nonce, int nonce_size, const uint8_t *tag,
-		    int tag_size)
+enum ec_error_list aes_gcm_decrypt(const uint8_t *key, int key_size,
+				   uint8_t *plaintext,
+				   const uint8_t *ciphertext, int text_size,
+				   const uint8_t *nonce, int nonce_size,
+				   const uint8_t *tag, int tag_size)
 {
 	int res;
 	AES_KEY aes_key;
diff --git a/common/mock/rollback_mock.c b/common/mock/rollback_mock.c
index 9395248a61..5b1be063c6 100644
--- a/common/mock/rollback_mock.c
+++ b/common/mock/rollback_mock.c
@@ -31,7 +31,7 @@ static const uint8_t fake_rollback_secret[] = {
 BUILD_ASSERT(sizeof(fake_rollback_secret) == CONFIG_ROLLBACK_SECRET_SIZE);
 
 /* Mock the rollback for unit or fuzz tests. */
-int rollback_get_secret(uint8_t *secret)
+enum ec_error_list rollback_get_secret(uint8_t *secret)
 {
 	if (mock_ctrl_rollback.get_secret_fail)
 		return EC_ERROR_UNKNOWN;
diff --git a/common/rollback.c b/common/rollback.c
index e2860f86f7..8e29b97d28 100644
--- a/common/rollback.c
+++ b/common/rollback.c
@@ -153,9 +153,9 @@ failed:
 }
 
 #ifdef CONFIG_ROLLBACK_SECRET_SIZE
-test_mockable int rollback_get_secret(uint8_t *secret)
+test_mockable enum ec_error_list rollback_get_secret(uint8_t *secret)
 {
-	int ret = EC_ERROR_UNKNOWN;
+	enum ec_error_list ret = EC_ERROR_UNKNOWN;
 	struct rollback_data data;
 
 	if (get_latest_rollback(&data) < 0)
diff --git a/common/test_util.c b/common/test_util.c
index fd8caba10a..9316b36bf1 100644
--- a/common/test_util.c
+++ b/common/test_util.c
@@ -173,8 +173,9 @@ void test_run_multistep(void)
 }
 
 #ifdef HAS_TASK_HOSTCMD
-int test_send_host_command(int command, int version, const void *params,
-			   int params_size, void *resp, int resp_size)
+enum ec_status test_send_host_command(int command, int version,
+				      const void *params, int params_size,
+				      void *resp, int resp_size)
 {
 	struct host_cmd_handler_args args;
 
diff --git a/include/fpsensor_crypto.h b/include/fpsensor_crypto.h
index 21b8513f84..f755578eb1 100644
--- a/include/fpsensor_crypto.h
+++ b/include/fpsensor_crypto.h
@@ -33,8 +33,9 @@ extern "C" {
  * HKDF_MAX_INFO_SIZE bytes.
  * @return EC_SUCCESS on success and error code otherwise.
  */
-int hkdf_expand(uint8_t *out_key, size_t out_key_size, const uint8_t *prk,
-		size_t prk_size, const uint8_t *info, size_t info_size);
+enum ec_error_list hkdf_expand(uint8_t *out_key, size_t out_key_size,
+			       const uint8_t *prk, size_t prk_size,
+			       const uint8_t *info, size_t info_size);
 
 /**
  * Derive hardware encryption key from rollback secret and |salt|.
@@ -43,7 +44,7 @@ int hkdf_expand(uint8_t *out_key, size_t out_key_size, const uint8_t *prk,
  * @param salt the salt to use in HKDF.
  * @return EC_SUCCESS on success and error code otherwise.
  */
-int derive_encryption_key(uint8_t *out_key, const uint8_t *salt);
+enum ec_error_list derive_encryption_key(uint8_t *out_key, const uint8_t *salt);
 
 /**
  * Derive positive match secret from |input_positive_match_salt| and
@@ -55,8 +56,9 @@ int derive_encryption_key(uint8_t *out_key, const uint8_t *salt);
  * least FP_POSITIVE_MATCH_SALT_BYTES in size.
  * @return EC_SUCCESS on success and error code otherwise.
  */
-int derive_positive_match_secret(uint8_t *output,
-				 const uint8_t *input_positive_match_salt);
+enum ec_error_list
+derive_positive_match_secret(uint8_t *output,
+			     const uint8_t *input_positive_match_salt);
 
 /**
  * Encrypt |plaintext| using AES-GCM128.
@@ -72,9 +74,11 @@ int derive_positive_match_secret(uint8_t *output,
  * @param tag_size the size of |tag|.
  * @return EC_SUCCESS on success and error code otherwise.
  */
-int aes_gcm_encrypt(const uint8_t *key, int key_size, const uint8_t *plaintext,
-		    uint8_t *ciphertext, int text_size, const uint8_t *nonce,
-		    int nonce_size, uint8_t *tag, int tag_size);
+enum ec_error_list aes_gcm_encrypt(const uint8_t *key, int key_size,
+				   const uint8_t *plaintext,
+				   uint8_t *ciphertext, int text_size,
+				   const uint8_t *nonce, int nonce_size,
+				   uint8_t *tag, int tag_size);
 
 /**
  * Decrypt |plaintext| using AES-GCM128.
@@ -90,10 +94,11 @@ int aes_gcm_encrypt(const uint8_t *key, int key_size, const uint8_t *plaintext,
  * @param tag_size the length of tag to compare against.
  * @return EC_SUCCESS on success and error code otherwise.
  */
-int aes_gcm_decrypt(const uint8_t *key, int key_size, uint8_t *plaintext,
-		    const uint8_t *ciphertext, int text_size,
-		    const uint8_t *nonce, int nonce_size, const uint8_t *tag,
-		    int tag_size);
+enum ec_error_list aes_gcm_decrypt(const uint8_t *key, int key_size,
+				   uint8_t *plaintext,
+				   const uint8_t *ciphertext, int text_size,
+				   const uint8_t *nonce, int nonce_size,
+				   const uint8_t *tag, int tag_size);
 
 #ifdef __cplusplus
 }
diff --git a/include/fpsensor_utils.h b/include/fpsensor_utils.h
index 59b89b8444..bc300a0e83 100644
--- a/include/fpsensor_utils.h
+++ b/include/fpsensor_utils.h
@@ -25,8 +25,8 @@ extern "C" {
  *   EC_ERROR_INVAL: if size+offset > buffer_size
  *   EC_SUCCESS: otherwise
  */
-int validate_fp_buffer_offset(uint32_t buffer_size, uint32_t offset,
-			      uint32_t size);
+enum ec_error_list validate_fp_buffer_offset(uint32_t buffer_size,
+					     uint32_t offset, uint32_t size);
 
 #ifdef __cplusplus
 }
diff --git a/include/rollback.h b/include/rollback.h
index 55cff3a534..14af92dcef 100644
--- a/include/rollback.h
+++ b/include/rollback.h
@@ -28,7 +28,7 @@ int rollback_get_minimum_version(void);
  * @return EC_SUCCESS on success, EC_ERROR_* on error (e.g. secret is not
  * initialized)
  */
-int rollback_get_secret(uint8_t *secret);
+enum ec_error_list rollback_get_secret(uint8_t *secret);
 
 /**
  * Update rollback protection block to the version passed as parameter.
diff --git a/include/test_util.h b/include/test_util.h
index eb3aa5b4d6..4f9869ab61 100644
--- a/include/test_util.h
+++ b/include/test_util.h
@@ -16,6 +16,7 @@ extern "C" {
 
 #include "common.h"
 #include "console.h"
+#include "ec_commands.h"
 #include "math_util.h"
 #include "stack_trace.h"
 
@@ -191,8 +192,9 @@ void test_print_result(void);
 int test_get_error_count(void);
 
 /* Simulates host command sent from the host */
-int test_send_host_command(int command, int version, const void *params,
-			   int params_size, void *resp, int resp_size);
+enum ec_status test_send_host_command(int command, int version,
+				      const void *params, int params_size,
+				      void *resp, int resp_size);
 
 /* Optionally defined interrupt generator entry point */
 void interrupt_generator(void);
diff --git a/test/fpsensor_crypto.cc b/test/fpsensor_crypto.cc
index 275a1739b6..dca44a2697 100644
--- a/test/fpsensor_crypto.cc
+++ b/test/fpsensor_crypto.cc
@@ -296,7 +296,7 @@ static int test_derive_encryption_key_raw(const uint32_t *user_id_,
 					  const uint8_t *expected_key)
 {
 	uint8_t key[SBP_ENC_KEY_LEN];
-	int rv;
+	enum ec_error_list rv;
 
 	/*
 	 * |user_id| is a global variable used as "info" in HKDF expand
@@ -628,7 +628,7 @@ test_static int test_disable_positive_match_secret(void)
 
 test_static int test_command_read_match_secret(void)
 {
-	int rv;
+	enum ec_status rv;
 	struct ec_params_fp_read_match_secret params;
 	struct ec_response_fp_read_match_secret resp;
 	timestamp_t now = get_time();
@@ -691,7 +691,7 @@ test_static int test_command_read_match_secret(void)
 
 test_static int test_command_read_match_secret_wrong_finger(void)
 {
-	int rv;
+	enum ec_status rv;
 	struct ec_params_fp_read_match_secret params;
 
 	/* GIVEN that the finger is not the matched or enrolled finger. */
@@ -712,7 +712,7 @@ test_static int test_command_read_match_secret_wrong_finger(void)
 
 test_static int test_command_read_match_secret_timeout(void)
 {
-	int rv;
+	enum ec_status rv;
 	struct ec_params_fp_read_match_secret params;
 
 	params.fgr = 0;
@@ -733,7 +733,7 @@ test_static int test_command_read_match_secret_timeout(void)
 
 test_static int test_command_read_match_secret_unreadable(void)
 {
-	int rv;
+	enum ec_status rv;
 	struct ec_params_fp_read_match_secret params;
 
 	params.fgr = 0;
diff --git a/test/fpsensor_state.cc b/test/fpsensor_state.cc
index dd98fae244..f1b74446ea 100644
--- a/test/fpsensor_state.cc
+++ b/test/fpsensor_state.cc
@@ -12,11 +12,11 @@
 
 #include <stdbool.h>
 
-test_static int test_fp_enc_status_valid_flags(void)
+test_static enum ec_error_list test_fp_enc_status_valid_flags(void)
 {
 	/* Putting expected value here because test_static should take void */
 	const uint32_t expected = FP_ENC_STATUS_SEED_SET;
-	int rv;
+	enum ec_status rv;
 	struct ec_response_fp_encryption_status resp = { 0 };
 
 	rv = test_send_host_command(EC_CMD_FP_ENC_STATUS, 0, NULL, 0, &resp,
@@ -24,20 +24,20 @@ test_static int test_fp_enc_status_valid_flags(void)
 	if (rv != EC_RES_SUCCESS) {
 		ccprintf("%s:%s(): failed to get encryption status. rv = %d\n",
 			 __FILE__, __func__, rv);
-		return -1;
+		return EC_ERROR_UNKNOWN;
 	}
 
 	if (resp.valid_flags != expected) {
 		ccprintf("%s:%s(): expected valid flags 0x%08x, got 0x%08x\n",
 			 __FILE__, __func__, expected, resp.valid_flags);
-		return -1;
+		return EC_ERROR_UNKNOWN;
 	}
 
-	return EC_RES_SUCCESS;
+	return EC_SUCCESS;
 }
 
-static int
-check_seed_set_result(const int rv, const uint32_t expected,
+static enum ec_error_list
+check_seed_set_result(const enum ec_status rv, const uint32_t expected,
 		      const struct ec_response_fp_encryption_status *resp)
 {
 	const uint32_t actual = resp->status & FP_ENC_STATUS_SEED_SET;
@@ -45,15 +45,15 @@ check_seed_set_result(const int rv, const uint32_t expected,
 	if (rv != EC_RES_SUCCESS || expected != actual) {
 		ccprintf("%s:%s(): rv = %d, seed is set: %d\n", __FILE__,
 			 __func__, rv, actual);
-		return -1;
+		return EC_ERROR_UNKNOWN;
 	}
 
 	return EC_SUCCESS;
 }
 
-test_static int test_fp_tpm_seed_not_set(void)
+test_static enum ec_error_list test_fp_tpm_seed_not_set(void)
 {
-	int rv;
+	enum ec_status rv;
 	struct ec_response_fp_encryption_status resp = { 0 };
 
 	/* Initially the seed should not have been set. */
@@ -63,9 +63,9 @@ test_static int test_fp_tpm_seed_not_set(void)
 	return check_seed_set_result(rv, 0, &resp);
 }
 
-test_static int test_set_fp_tpm_seed(void)
+test_static enum ec_error_list test_set_fp_tpm_seed(void)
 {
-	int rv;
+	enum ec_status rv;
 	struct ec_params_fp_seed params;
 	struct ec_response_fp_encryption_status resp = { 0 };
 
@@ -78,7 +78,7 @@ test_static int test_set_fp_tpm_seed(void)
 	if (rv != EC_RES_SUCCESS) {
 		ccprintf("%s:%s(): rv = %d, set seed failed\n", __FILE__,
 			 __func__, rv);
-		return -1;
+		return EC_ERROR_UNKNOWN;
 	}
 
 	/* Now seed should have been set. */
@@ -88,9 +88,9 @@ test_static int test_set_fp_tpm_seed(void)
 	return check_seed_set_result(rv, FP_ENC_STATUS_SEED_SET, &resp);
 }
 
-test_static int test_set_fp_tpm_seed_again(void)
+test_static enum ec_error_list test_set_fp_tpm_seed_again(void)
 {
-	int rv;
+	enum ec_status rv;
 	struct ec_params_fp_seed params;
 	struct ec_response_fp_encryption_status resp = { 0 };
 
@@ -106,7 +106,7 @@ test_static int test_set_fp_tpm_seed_again(void)
 		ccprintf("%s:%s(): rv = %d, setting seed the second time "
 			 "should result in EC_RES_ACCESS_DENIED but did not.\n",
 			 __FILE__, __func__, rv);
-		return -1;
+		return EC_ERROR_UNKNOWN;
 	}
 
 	/* Now seed should still be set. */
@@ -116,7 +116,7 @@ test_static int test_set_fp_tpm_seed_again(void)
 	return check_seed_set_result(rv, FP_ENC_STATUS_SEED_SET, &resp);
 }
 
-test_static int test_fp_set_sensor_mode(void)
+test_static enum ec_error_list test_fp_set_sensor_mode(void)
 {
 	uint32_t requested_mode = 0;
 	uint32_t output_mode = 0;
@@ -169,7 +169,7 @@ test_static int test_fp_set_sensor_mode(void)
 	return EC_SUCCESS;
 }
 
-test_static int test_fp_set_maintenance_mode(void)
+test_static enum ec_error_list test_fp_set_maintenance_mode(void)
 {
 	uint32_t output_mode = 0;
 
@@ -186,7 +186,8 @@ test_static int test_fp_set_maintenance_mode(void)
 	return EC_SUCCESS;
 }
 
-test_static int test_fp_command_read_match_secret_fail_fgr_less_than_zero(void)
+test_static enum ec_error_list
+test_fp_command_read_match_secret_fail_fgr_less_than_zero(void)
 {
 	/* Create invalid param with fgr < 0 */
 	struct ec_params_fp_read_match_secret test_match_secret = {
@@ -201,7 +202,8 @@ test_static int test_fp_command_read_match_secret_fail_fgr_less_than_zero(void)
 	return EC_SUCCESS;
 }
 
-test_static int test_fp_command_read_match_secret_fail_fgr_large_than_max(void)
+test_static enum ec_error_list
+test_fp_command_read_match_secret_fail_fgr_large_than_max(void)
 {
 	/* Create invalid param with fgr = FP_MAX_FINGER_COUNT */
 	struct ec_params_fp_read_match_secret test_match_secret = {
@@ -215,7 +217,8 @@ test_static int test_fp_command_read_match_secret_fail_fgr_large_than_max(void)
 	return EC_SUCCESS;
 }
 
-test_static int test_fp_command_read_match_secret_fail_timeout(void)
+test_static enum ec_error_list
+test_fp_command_read_match_secret_fail_timeout(void)
 {
 	/* Create valid param with 0 <= fgr < 5 */
 	struct ec_params_fp_read_match_secret test_match_secret_1 = {
@@ -235,7 +238,8 @@ test_static int test_fp_command_read_match_secret_fail_timeout(void)
 	return EC_SUCCESS;
 }
 
-test_static int test_fp_command_read_match_secret_unmatched_fgr(void)
+test_static enum ec_error_list
+test_fp_command_read_match_secret_unmatched_fgr(void)
 {
 	/* Create valid param with 0 <= fgr < 5 */
 	uint16_t matched_fgr = 1;
@@ -263,7 +267,8 @@ test_static int test_fp_command_read_match_secret_unmatched_fgr(void)
 	return EC_SUCCESS;
 }
 
-test_static int test_fp_command_read_match_secret_unreadable_state(void)
+test_static enum ec_error_list
+test_fp_command_read_match_secret_unreadable_state(void)
 {
 	/* Create valid param with 0 <= fgr < 5 */
 	uint16_t matched_fgr = 1;
@@ -291,7 +296,8 @@ test_static int test_fp_command_read_match_secret_unreadable_state(void)
 	return EC_SUCCESS;
 }
 
-test_static int test_fp_command_read_match_secret_derive_fail(void)
+test_static enum ec_error_list
+test_fp_command_read_match_secret_derive_fail(void)
 {
 	struct ec_response_fp_read_match_secret response = { 0 };
 	/* Create valid param with 0 <= fgr < 5 */
@@ -322,7 +328,8 @@ test_static int test_fp_command_read_match_secret_derive_fail(void)
 	return EC_SUCCESS;
 }
 
-test_static int test_fp_command_read_match_secret_derive_succeed(void)
+test_static enum ec_error_list
+test_fp_command_read_match_secret_derive_succeed(void)
 {
 	struct ec_response_fp_read_match_secret response = { 0 };
 	/* Create valid param with 0 <= fgr < 5 */
@@ -367,7 +374,7 @@ test_static int test_fp_command_read_match_secret_derive_succeed(void)
 	TEST_ASSERT(test_send_host_command(
 			    EC_CMD_FP_READ_MATCH_SECRET, 0,
 			    &test_match_secret_1, sizeof(test_match_secret_1),
-			    &response, sizeof(response)) == EC_SUCCESS);
+			    &response, sizeof(response)) == EC_RES_SUCCESS);
 
 	TEST_ASSERT_ARRAY_EQ(
 		response.positive_match_secret,